ghost/core/server/services/permissions/providers.js

var _ = require('lodash'),
    Promise = require('bluebird'),
    models = require('../../models'),
    common = require('../../lib/common');

module.exports = {
    user: function (id) {
        return models.User.findOne({id: id, status: 'active'}, {withRelated: ['permissions', 'roles', 'roles.permissions']})
            .then(function (foundUser) {
                // CASE: {context: {user: id}} where the id is not in our database
                if (!foundUser) {
                    return Promise.reject(new common.errors.NotFoundError({
                        message: common.i18n.t('errors.models.user.userNotFound')
                    }));
                }

                var seenPerms = {},
                    rolePerms = _.map(foundUser.related('roles').models, function (role) {
                        return role.related('permissions').models;
                    }),
                    allPerms = [],
                    user = foundUser.toJSON();

                rolePerms.push(foundUser.related('permissions').models);

                _.each(rolePerms, function (rolePermGroup) {
                    _.each(rolePermGroup, function (perm) {
                        var key = perm.get('action_type') + '-' + perm.get('object_type') + '-' + perm.get('object_id');

                        // Only add perms once
                        if (seenPerms[key]) {
                            return;
                        }

                        allPerms.push(perm);
                        seenPerms[key] = true;
                    });
                });

                // @TODO fix this!
                // Permissions is an array of models
                // Roles is a JSON array
                return {permissions: allPerms, roles: user.roles};
            });
    },

    apiKey(id) {
        return models.ApiKey.findOne({id}, {withRelated: ['role', 'role.permissions']})
            .then((foundApiKey) => {
                if (!foundApiKey) {
                    throw new common.errors.NotFoundError({
                        message: common.i18n.t('errors.models.api_key.apiKeyNotFound')
                    });
                }

                // api keys have a belongs_to relationship to a role and no individual permissions
                // so there's no need for permission deduplication
                const permissions = foundApiKey.related('role').related('permissions').models;
                const roles = [foundApiKey.toJSON().role];

                return {permissions, roles};
            });
    }
};
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`var _ = require('lodash'),`
improvement: general fixes - add NODE_LEVEL to print errors while running tests - try/catch while parsing translations file - run setup/teardown as promise or callback - some general error improvements 2016-05-25 09:34:46 +02:00			`Promise = require('bluebird'),`
Moved labs, auth, permissions, settings, mail, themes to services (#9339) refs #9178 - move tests as well 2017-12-14 03:01:23 +01:00			`models = require('../../models'),`
			`common = require('../../lib/common');`
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00
Permissions: minor refactors (#9104) refs #9043 - Cleanups / refactors to make the code more manageable - Move remaining code out of index.js - Only "init" function is left. Actions map cache and init function is based heavily on the settings cache module - refactor the odd way of exporting - This was cleaned up naturally by moving the actionsMap object out - rename "effective" -> "providers" - "Providers" provide permissions for different things that can have permissions (users, apps, in future clients). 2017-10-05 20:01:34 +01:00			`module.exports = {`
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`user: function (id) {`
Fixed permission to only fetch for active users (#11641) no-issue Essentially only active users should have their permissions loaded, this means that suspended or inactive users are stripped of all permissions until their status is changed. 2020-03-05 12:22:50 +02:00			`return models.User.findOne({id: id, status: 'active'}, {withRelated: ['permissions', 'roles', 'roles.permissions']})`
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`.then(function (foundUser) {`
improvement: general fixes - add NODE_LEVEL to print errors while running tests - try/catch while parsing translations file - run setup/teardown as promise or callback - some general error improvements 2016-05-25 09:34:46 +02:00			`// CASE: {context: {user: id}} where the id is not in our database`
			`if (!foundUser) {`
Import lib/common only refs #9178 - avoid importing 4 modules (logging, errors, events and i18n) - simply require common in each file 2017-12-11 22:47:46 +01:00			`return Promise.reject(new common.errors.NotFoundError({`
			`message: common.i18n.t('errors.models.user.userNotFound')`
			`}));`
improvement: general fixes - add NODE_LEVEL to print errors while running tests - try/catch while parsing translations file - run setup/teardown as promise or callback - some general error improvements 2016-05-25 09:34:46 +02:00			`}`

Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`var seenPerms = {},`
			`rolePerms = _.map(foundUser.related('roles').models, function (role) {`
			`return role.related('permissions').models;`
			`}),`
Owner has all user permissions closes #3075 - added special treatment for role with name ‚Owner‘ 2014-07-09 13:34:38 +02:00			`allPerms = [],`
			`user = foundUser.toJSON();`

Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`rolePerms.push(foundUser.related('permissions').models);`

			`_.each(rolePerms, function (rolePermGroup) {`
			`_.each(rolePermGroup, function (perm) {`
			`var key = perm.get('action_type') + '-' + perm.get('object_type') + '-' + perm.get('object_id');`

			`// Only add perms once`
			`if (seenPerms[key]) {`
			`return;`
			`}`

			`allPerms.push(perm);`
			`seenPerms[key] = true;`
			`});`
			`});`

Permissions: code cleanup & basic unit tests (#9037) refs #9043 - Split public-related and context code into logical components - Split tests up to match - Ensure we have 100% unit test coverage - General cleanup 2017-09-25 10:17:06 +01:00			`// @TODO fix this!`
			`// Permissions is an array of models`
			`// Roles is a JSON array`
Permissions Improvements refs #3083, #3096 In order to implement advanced permissions based on roles for specific actions, we need to know what role the current context user has and also what action we are granting permissions for: - Permissible gets passed the action type - Effective permissions keeps the user role and eventually passes it to permissible - Fixed spelling - Still needs tests 2014-07-23 19:17:29 +01:00			`return {permissions: allPerms, roles: user.roles};`
🎨 configurable logging with bunyan (#7431) - 🛠 add bunyan and prettyjson, remove morgan - ✨ add logging module - GhostLogger class that handles setup of bunyan - PrettyStream for stdout - ✨ config for logging - @TODO: testing level fatal? - ✨ log each request via GhostLogger (express middleware) - @TODO: add errors to output - 🔥 remove errors.updateActiveTheme - we can read the value from config - 🔥 remove 15 helper functions in core/server/errors/index.js - all these functions get replaced by modules: 1. logging 2. error middleware handling for html/json 3. error creation (which will be part of PR #7477) - ✨ add express error handler for html/json - one true error handler for express responses - contains still some TODO's, but they are not high priority for first implementation/integration - this middleware only takes responsibility of either rendering html responses or return json error responses - 🎨 use new express error handler in middleware/index - 404 and 500 handling - 🎨 return error instead of error message in permissions/index.js - the rule for error handling should be: if you call a unit, this unit should return a custom Ghost error - 🎨 wrap serve static module - rule: if you call a module/unit, you should always wrap this error - it's always the same rule - so the caller never has to worry about what comes back - it's always a clear error instance - in this case: we return our notfounderror if serve static does not find the resource - this avoid having checks everywhere - 🎨 replace usages of errors/index.js functions and adapt tests - use logging.error, logging.warn - make tests green - remove some usages of logging and throwing api errors -> because when a request is involved, logging happens automatically - 🐛 return errorDetails to Ghost-Admin - errorDetails is used for Theme error handling - 🎨 use 500er error for theme is missing error in theme-handler - 🎨 extend file rotation to 1w 2016-10-04 17:33:43 +02:00			`});`
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`},`

Updated permissions service to handle api keys (#9967) refs #9865 - Enabled the permissions module to lookup permissions based on an api_key id. - Updated the "can this" part of the permissions service to load permissions for any api key in the context, and correctly use that to determine whether an action is permissible. It also updates the permissible interface that models can implement to pass in the hasApiKeyPermissions param. 2019-01-18 12:17:12 +01:00			`apiKey(id) {`
			`return models.ApiKey.findOne({id}, {withRelated: ['role', 'role.permissions']})`
			`.then((foundApiKey) => {`
			`if (!foundApiKey) {`
			`throw new common.errors.NotFoundError({`
			`message: common.i18n.t('errors.models.api_key.apiKeyNotFound')`
			`});`
			`}`

			`// api keys have a belongs_to relationship to a role and no individual permissions`
			`// so there's no need for permission deduplication`
			`const permissions = foundApiKey.related('role').related('permissions').models;`
			`const roles = [foundApiKey.toJSON().role];`

			`return {permissions, roles};`
			`});`
Add app permission checking to canThis - Pass permissions loading to buildObjectTypeHandlers to eliminate shared state - Load both app and user permissions to check - Check app permissions if present - Create apps table and App model - Move effectiveUserPermissions to permissions/effective - Change permissable interface to take context; user and app. - Add unit tests for app canThis checks and effective permissions 2014-02-11 21:40:39 -06:00			`}`
			`};`